CVE-2021-43893 – Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43893
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Encrypting File System (EFS) The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any authenticated user to upload arbitrary files to a server. • http://packetstormsecurity.com/files/165560/Microsoft-Windows-EFSRPC-Arbitrary-File-Upload-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43893 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2021-43883 – Windows Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43883
Windows Installer Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows Installer • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883 •
CVE-2021-43248 – Windows Digital Media Receiver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43248
Windows Digital Media Receiver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Windows Digital Media Receiver • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43248 •
CVE-2021-43247 – Windows TCP/IP Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43247
Windows TCP/IP Driver Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios de Windows TCP/IP Driver This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the tcpip.sys driver. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43247 https://www.zerodayinitiative.com/advisories/ZDI-21-1554 • CWE-787: Out-of-bounds Write •
CVE-2021-43246 – Windows Hyper-V Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-43246
Windows Hyper-V Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en Windows Hyper-V • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43246 •